Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] FCW 22.07.02 Cyberterror Übung "Dark Screen",

Federal Computer Week July 22, 2002

     Cyberterrorism drill set - Operation Dark Screen to help
government, industry prepare for

     BY Dan Caterinicchia

     Federal, state and local government officials are partnering with
representatives from the private sector and the utilities community in a
     exercise designed to identify the links between them in defending ?
and responding to ? a cyberattack.

     Operation Dark Screen, the brainchild of Rep. Ciro Rodriguez
(D-Texas), is a three-phased exercise that will help all the players
involved better
     understand their roles in preparing for, recovering from and
protecting the nation's critical infrastructure during a cyberattack.

     "A lot of people think about chemical, biological and nuclear
attacks, but very few people think about the cyber," Rodriguez said.
"Anyone who is going
     to hit us, it's going to be a combination of those."

     For example, hackers might infiltrate the computer systems that
control San Antonio's power grid to attempt shutting off electricity
across the city.
     Officials from the Air Intelligence Agency (AIA) at Lackland Air
Force Base, Texas, after tracking the hackers' movements, would notify
the local
     utility company, as well as federal, state and local law
enforcement officials, who would apprehend the criminals.

     That's how the scenario should play out ? and what Dark Screen will
test ? but today, a lack of information sharing and response procedures
     the levels of government and the private sector could mean a
victory for terrorists.

     Collaboration is necessary, security experts say, because the
private sector controls 85 percent of the nation's critical
infrastructure, which includes
     telecommunications, transportation and essential government

     A spokesperson for AIA, one of the Dark Screen participants, said
the agency has taken part in numerous military intrusion exercises, but
this is the
     first time it is participating in a civilian-led exercise involving
so many different groups.

     AIA is serving as an adviser to the civilian and community
participants because agency officials feel their participation "will
help to improve the security
     of the complex infrastructures in the San Antonio area," the
spokesperson said. "As a community partner and major user of at-risk
utilities, it is to the
     [AIA's] advantage to assist in helping to preclude cyberattacks on
these valuable assets."

     Lessons to be Learned

     Dark Screen's first phase, scheduled for September, will be a
tabletop exercise in which a still-to-be-determined cyberattack will be
played out and all
     participants will respond, said Gregory White, technical director
of the Center for Infrastructure Assurance and Security at the
University of Texas at
     San Antonio, which is leading the planning and execution of Dark

     AIA has assumed a leadership role in bringing together various
stakeholders, including representatives from the city, the county, the
Army, the Air
     Force, the state attorney general's office, the FBI, the private
sector and many others.

     The second phase of Dark Screen will focus on applying the lessons
learned from the tabletop exercise, and the third phase, to take place
next May,
     will be a live exercise using actual attempts to penetrate
networks, White said. He added that the final phase is "greatly to be
defined," but will involve
     "testing notification and alert chains."

     "We can do it on paper, but by bringing everybody together at one
time, we can see who is prepared to do that," White said. "What we do
here is
     applicable across the nation."

     John Pike, director of the nonprofit organization GlobalSecurity.
org, said the exercise was a welcome break from tradition. The usual
     all-talk-and-no-action stance on cyberattacks is "rather strange,
given the number of emergency response exercises that are conducted to
     other problems, such as hazardous materials spills or nuclear
accidents," he said. He added that actual exercises are needed to
"rehearse response

     The Defense Department frequently conducts exercises in which it
pays companies to penetrate their systems, but Dark Screen will "help
identify the
     interdependencies and linkages between the different sectors,"
White said.

     San Antonio officials plan to "review and modify" their
infrastructure security measures based on the Dark Screen findings, said
Mike Miller, the city's
     emergency management coordinator.

     "We hope to identify quick fixes and implement those quickly, as
well as look at long-term issues that will take more time and resources
to implement,"
     said Miller, who is also assistant chief of the city's fire
department. "The most important thing that we hope to get out of the
exercise is securing San
     Antonio's infrastructure to maintain all aspects of the quality of
life for our community. We also will share our experiences with other
communities to
     help them be better prepared."

     Inside and Out

     The City Public Service (CPS), the utility provider for 560,000
electric and 302,000 gas customers in San Antonio, hopes to improve not
only its
     internal mechanisms, but also its external communications through
Dark Screen, according to Charles Lenz, manager of CPS' technology

     Lenz said that his group would like "a more integrated and formal
internal approach to dealing with cyber incidents, as well as increased
     with external sectors regarding cybersecurity issues." He added
that the lessons learned "will be evaluated internally and, where
warranted, additional
     resources and/or processes acquired or defined."

     Lenz and Miller both said the only event that comes close to what
all of these organizations are attempting to do with Dark Screen was the
Year 2000
     rollover. "Y2K was the last time we did this type of an event, with
a tabletop before the actual Y2K event," Miller said.

     Rodriguez said the idea for Dark Screen was hatched over a year
ago, after the collision between a U.S. EP-3 spy plane and a Chinese
fighter jet in
     which the Chinese pilot was killed.

     That incident set off a series of activities by U.S. and Chinese
hackers, and lawmakers received reports that cyberattacks against the
     Department and DOD increased during that time, he said. "Every time
there's an international crisis, the hits are a little higher."

     Rodriguez said the need for a cyber military exercise was evident
back then, before the Sept. 11 terrorist attacks. Right after the
attacks, when phones
     were useless and one of the few means of communication was by using
wireless handheld devices, the need to identify how the nation would
respond to
     a full-scale cyberattack became critical.

     "We really need to see what we can do," because what if the 911
emergency phone service goes down or financial institutions are hit,
Rodriguez said.
     "I recognize that participating in this exercise may raise concerns
about the privacy of individuals, proprietary business information,
classified information
     and existing vulnerabilities, and these issues will be fully
examined and addressed in the planning stage" (see box).

     Currently, all Dark Screen participants are paying their own way,
which hasn't cost much in the planning stages, but Rodriguez said he has
asked DOD
     for $500,000 to pay for next year's live exercise.

     Meanwhile, the lobbying efforts continue. Rodriguez said he had a
meeting July 11 with John Tritak, director of the Critical
Infrastructure Assurance
     Office, and that Tritak would be hosting a town hall meeting on
cyberterrorism in San Antonio in September, either right before or after
the first phase
     of Dark Screen. Tritak could not be reached for comment.

Olivier Minkwitz___________________________________
Dipl. Pol.
HSFK Hessische Stiftung für Friedens- und Konfliktforschung
PRIF Peace Research Institute Frankfurt
Leimenrode 29 60322 Frankfurt a/M Germany
Tel +49 (0)69 9591 0422  Fax +49 (0)69 5584 81                         pgpKey:0xAD48A592
minkwitz -!
- hsfk -

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.